The international ISO 27000 standard defines the requirements for the introduction, production, operation, monitoring, maintenance and optimization of an Information Security Management System (ISMS). This management system, designed to safeguard the security of information, is a list of procedures and rules (information security policy) within a company to enable the security of the information to be permanently defined, controlled, monitored and maintained. The current situation is analyzed and recommendations formulated on how to satisfy the ISO 27000 requirements.